Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/joszl7vjeMm9I7xAP3JhFk1aZ5s.roa
File: joszl7vjeMm9I7xAP3JhFk1aZ5s.roa (raw, json)
Hash identifier: jKG1eRBOq5nJNcRDVBOsW2QarCcd5ds9sjRhL8pufpI=
Subject key identifier: 8E:8B:33:97:BB:E3:78:C9:BD:23:BC:40:3F:72:61:16:4D:5A:67:9B
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 019425FDD0C9342E7603F72E80EF8FDBBB1E
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/joszl7vjeMm9I7xAP3JhFk1aZ5s.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6677
IP address blocks: 31.209.192.0/18 maxlen: 18
85.220.0.0/17 maxlen: 17
157.157.0.0/16 maxlen: 16
157.157.2.0/24 maxlen: 24
157.157.4.0/24 maxlen: 24
157.157.136.0/24 maxlen: 24
192.147.34.0/24 maxlen: 24
194.105.224.0/19 maxlen: 19
194.105.224.0/24 maxlen: 24
212.30.192.0/19 maxlen: 19
212.30.212.0/24 maxlen: 24
213.167.128.0/19 maxlen: 19
213.167.150.0/24 maxlen: 24
213.167.152.0/24 maxlen: 24
2001:1a98::/29 maxlen: 29
2001:1a98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d0:c9:34:2e:76:03:f7:2e:80:ef:8f:db:bb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e8b3397bbe378c9bd23bc403f7261164d5a679b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:20:20:8e:0e:15:62:43:5a:0a:f2:e5:bc:a5:
53:38:62:55:c2:da:76:5f:15:40:a5:0c:83:ad:1a:
a4:8e:a9:8d:e7:c7:f1:de:0b:b1:23:c2:91:75:1d:
7a:ea:3e:9b:a6:1b:cc:93:90:94:79:06:6f:f0:4d:
4c:c4:f8:ae:4c:8c:fd:32:40:c6:23:cb:3b:18:20:
00:5a:f9:c6:73:e4:50:8a:6a:08:0f:bd:3e:53:a6:
65:ac:96:46:20:70:f3:b4:15:a0:2d:81:12:76:7a:
ec:eb:e9:df:39:91:02:6f:00:14:2f:a0:97:75:a3:
71:b0:43:03:52:da:fb:af:4f:f5:80:a9:34:fd:3f:
eb:78:43:fd:68:8f:14:5f:35:17:ac:fc:38:ec:8b:
7c:f9:59:69:2b:86:01:d8:10:7e:f4:2f:ee:56:c5:
0d:89:bb:8c:ae:00:05:c7:5a:37:a4:55:e6:42:1f:
af:f9:7a:c0:73:11:11:b9:4b:6f:06:19:e9:87:7c:
aa:a3:4e:ff:3a:25:cd:b6:fa:91:8d:6f:dd:01:9b:
c0:d4:e5:02:f4:b0:ae:de:67:5a:e6:66:74:88:24:
38:05:31:27:73:2b:6b:b3:92:92:a8:24:34:81:4b:
54:4c:b4:7a:db:48:17:65:e9:85:76:25:5e:88:bd:
99:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8B:33:97:BB:E3:78:C9:BD:23:BC:40:3F:72:61:16:4D:5A:67:9B
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/joszl7vjeMm9I7xAP3JhFk1aZ5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
192.147.34.0/24
194.105.224.0/19
212.30.192.0/19
213.167.128.0/19
IPv6:
2001:1a98::/29
Signature Algorithm: sha256WithRSAEncryption
8d:3c:bc:63:fd:8c:a9:d7:2b:d1:d8:9e:82:37:a1:fd:f3:35:
a3:f1:a6:be:c9:f5:52:b2:ba:c2:b2:52:57:a5:89:28:a4:c3:
5e:06:b8:29:43:35:b9:3e:66:18:76:4e:53:1e:4c:bd:26:61:
47:8a:87:36:a3:1b:dd:32:1d:70:10:9d:ff:6b:1e:01:94:e1:
6e:14:3c:d7:c6:10:f8:b5:4b:e7:a7:b6:b4:c5:7b:7e:1f:a2:
5f:5c:22:7a:7b:db:8c:83:28:b6:2e:cb:90:28:b8:2f:88:f0:
32:dd:78:c2:ff:40:ff:4a:84:dd:70:bd:79:dc:83:d7:99:63:
ad:d1:4f:da:89:b9:0b:92:84:11:ba:f0:eb:4e:6c:f6:d0:7f:
8f:96:d8:de:01:ab:e6:ee:73:55:74:06:6f:4e:f3:b2:b5:4b:
14:a5:0d:b5:64:6e:8b:c1:14:21:4e:51:9c:16:1a:18:51:7d:
b9:09:34:4d:06:7c:7c:ff:e1:bc:de:b3:df:69:c2:75:12:d8:
04:4c:c0:a4:c2:11:c1:bd:b5:e0:a5:f9:7f:de:c6:a7:54:0c:
97:ed:07:e4:90:8b:02:c8:62:96:6a:5d:8a:eb:2f:02:f1:4b:
9f:0f:fe:9a:b4:b0:f7:ab:9c:49:c5:d6:bc:55:54:14:81:a1:
82:15:99:1a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQl/dDJNC52A/cugO+P27seMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThiMzM5N2JiZTM3OGM5YmQyM2JjNDAzZjcyNjExNjRkNWE2NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryAgjg4VYkNaCvLlvKVTOGJVwtp2
XxVApQyDrRqkjqmN58fx3guxI8KRdR166j6bphvMk5CUeQZv8E1MxPiuTIz9MkDG
I8s7GCAAWvnGc+RQimoID70+U6ZlrJZGIHDztBWgLYESdnrs6+nfOZECbwAUL6CX
daNxsEMDUtr7r0/1gKk0/T/reEP9aI8UXzUXrPw47It8+VlpK4YB2BB+9C/uVsUN
ibuMrgAFx1o3pFXmQh+v+XrAcxERuUtvBhnph3yqo07/OiXNtvqRjW/dAZvA1OUC
9LCu3mda5mZ0iCQ4BTEncytrs5KSqCQ0gUtUTLR620gXZemFdiVeiL2Z9QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFI6LM5e743jJvSO8QD9yYRZNWmebMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvam9zemw3dmplTW05STd4QVAzSmhGazFhWjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGH9HAAwQH
VdwAAwMAnZ0DBADAkyIDBAXCaeADBAXUHsADBAXVp4AwDQQCAAIwBwMFAyABGpgw
DQYJKoZIhvcNAQELBQADggEBAI08vGP9jKnXK9HYnoI3of3zNaPxpr7J9VKyusKy
UleliSikw14GuClDNbk+Zhh2TlMeTL0mYUeKhzajG90yHXAQnf9rHgGU4W4UPNfG
EPi1S+entrTFe34fol9cInp724yDKLYuy5AouC+I8DLdeML/QP9KhN1wvXncg9eZ
Y63RT9qJuQuShBG68OtObPbQf4+W2N4Bq+buc1V0Bm9O87K1SxSlDbVkbovBFCFO
UZwWGhhRfbkJNE0GfHz/4bzes99pwnUS2ARMwKTCEcG9teCl+X/exqdUDJftB+SQ
iwLIYpZqXYrrLwLxS58P/pq0sPernEnF1rxVVBSBoYIVmRo=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:00 2025 by rpki-client